Privacy policy

Philip Day Ltd is strongly committed to protecting and
respecting the privacy of personal data that we maintain about our clients,
employees and contacts.

GDPR & other four-letter words
Your personal data is protected under the General Data Protection Regulation
(GDPR) with effect from 25th May 2018.

Who we are
We are Philip Day Ltd ("we", "us" or "our").

We are the Data Controller
The Data Controller is a person or organisation that determines the purposes
and the manner in which any personal data is processed. We are the Data
Controller for all activities carried out by Philip Day Ltd.

How we collect and use your information
We only ever use your personal data with your consent, or where it is necessary:
• to enter into, or perform, a contract with you;
• to comply with a legal duty;
• to protect your vital interests;
• for our own (or a third party’s) lawful interests, provided
your rights don’t override these; we may process personal information
for certain legitimate business purposes, which include some or all of the
following:
- where the processing enables us to enhance, modify, personalise or otherwise
improve our services/communications for the benefit of our customers;
- to identify and prevent fraud;
- to enhance the security of our network and information systems;
- to provide electronic or postal communications which we think will be
of interest to you; when we process your personal data for our legitimate
interests, we will make sure that we consider and balance any potential
impact on you (both positive and negative) and your rights under data protection
laws; our legitimate business interests do not automatically override your
interests; we will not use your personal data for activities where our interests
are overridden by the impact on you (unless we have your consent or are
otherwise required or permitted to by law); you have the right to object
to this processing if you wish, and if you wish to do so please contact
our firms Data Protection Officer; please bear in mind that if you object
this may affect our ability to carry out tasks above for your benefit;
- whenever we process data for these purposes we will ensure that we always
keep your personal data rights in high regard and take account of these
rights at all times.
• In any event, we’ll only use your information for the purpose
or purposes it was collected for (or for closely related purposes).

How long we will keep your information
We will only use and store information for so long as it is required for
the purposes it was collected for and in line with HMRC statutory rules
and guidelines. How long information will be stored depends on the information
in question and the purpose for which it is being used. For example, if
you ask us not to send you marketing e-mails, we will stop storing your
e-mails for marketing purposes (though we’ll keep a record of your
preference not to be e-mailed).
We continually review what information we hold and delete what is no longer
required. We will not retain your data for any longer than necessary and
the longest time that we will hold your data will be six years following
the end of the financial year to which it relates, unless you request otherwise.

Your rights
We want to ensure that you remain in control of your personal data. Part
of this is making sure you understand your legal rights, which are as follows:
• the right to confirmation as to whether we have your personal data
and, if we do, to obtain a copy of the personal information we hold (this
is known as a data subject access request);
• the right to have your data erased (though this will not apply where
it is necessary for us to continue to use the data for a lawful reason);
• the right to have inaccurate data rectified;
• the right to object to your data being used for marketing or profiling;
and,
• where technically feasible, you have the right to personal data
you have provided to us; please keep in mind that there are exceptions to
the rights above and, though we will always try to respond to your satisfaction,
there may be situations where we are unable to do so.

Contacting us
Should you have any queries, concerns, or even complaints, about how we
have processed your information you can raise these directly to our Data
Protection Officer using any of the following methods:
Post: Data Protection Officer, Bridgford Business Centre, 29 Bridgford Road,
West Bridgford, Nottingham, NG2 6AU.
Email: dataprotection@philipday.co.uk

Any complaints raised will be investigated thoroughly and a full detailed
response provided to you. If you remain unhappy with the outcome of your
complaint you have the right to raise this further with the Information
Commissioner’s Office (ICO). The ICO can be contacted via any of the
following methods:
Post: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Email: casework@ico.org.uk

The General Data Protection Regulation (GDPR)
To find out more about GDPR, follow the links below to read the guidelines
and information published by the Information Commissioner's Officer:
ico.org.uk - GDPR guide to individual rights
ico.org.uk - Guide to GDPR